Uncategorized

Firmware exploitation with PNF Software’s JEB

PNF Software has a series of blog posts on how to use their JEB product to reverse firmware:

Firmware Exploitation with JEB:

In this series of blog posts I will show how JEB’s MIPS decompiler 1 can help you find and exploit software vulnerabilities in embedded devices. To do so, we will use Praetorian’s Damn Vulnerable Router Firmware (DVRF) written by b1ack0wl. DVRF is a custom firmware made to run on a Linksys E1550 router containing a bunch of memory corruption vulnerabilities. The goal of the DVRF is to serve as a playground to learn exploitation on the MIPS architecture. As far as I know, there are no write-ups of the challenges on the Internet. For the readers interested in testing the challenges by themselves, I suggest to follow the DVRF tutorial, and getting a complete MIPSEL Debian QEMU image as it allows the usual exploit development workflow on Linux, without any limits on the available tools.[…]

https://www.pnfsoftware.com/blog/firmware-exploitation-with-jeb-part-1/
https://www.pnfsoftware.com/blog/firmware-exploitation-with-jeb-part-2/
https://www.pnfsoftware.com/blog/firmware-exploitation-with-jeb-part-3-reversing-the-smartrgs-sr505n/

https://www.pnfsoftware.com/jeb2/mips

Standard

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s